SafeWave Robotics / Physical AI Follow-Up Questionnaire

High-consequence follow-up for robots, autonomous platforms, humanoids, drones, vehicles, machines, actuators, industrial systems, care robots, physical assistants, and other embodied AI systems.

Follow-up questionnaire notice

Complete this page only if you selected Robotics / physical AI / autonomous system at the end of the core SafeWave questionnaire. These answers are used to generate a separate High-Consequence Addendum and do not replace the core assessment.
Confidentiality, Anonymity & Use Notice

We recognize that this follow-up questionnaire may involve confidential, security-sensitive, operationally sensitive, or high-consequence system information. Please do not include classified information, credentials, live vulnerability details, proprietary implementation details, customer data, or other highly sensitive material unless you are authorized to share it for assessment purposes.

You may complete this questionnaire without identifying your company, product, or organization. You may use a generic system label, a generic contact email, or an internal assessment reference instead of a formal company identifier.

The purpose of this questionnaire is to help you gain a deeper understanding of your own system. Simply answering the questions may reveal areas where control boundaries, escalation pathways, runtime limits, auditability, rollback, authorization, or safe-state behavior may need further review.

You do not have to submit this questionnaire to receive value from it. You may use it internally as a self-assessment tool. If you choose to submit it for report generation, the resulting SafeWave report is intended to highlight areas of concern, explain why they matter, and map relevant findings to possible SafeWave substrates or engineering-pack pathways where applicable.

SafeWave’s goal is to help advanced systems remain more bounded, controllable, auditable, recoverable, and resistant to harmful escalation. Some issues may involve outside attackers, but others may arise from the system’s own architecture, automation, permissions, integrations, update pathways, or failure behavior.

Any SafeWave recommendations should be understood as architectural guidance and implementation requirements, not as a claim that one generic solution can be dropped into every system. Engineering teams may choose to implement equivalent controls themselves, or they may use SafeWave substrate mappings and Level 4 Engineering Packs to guide deeper implementation work.

If an implementation detail is not known, select Unknown / not evaluated rather than guessing.

Answer based on actual or currently planned system behavior, not ideal policy language.

Assessment Linkage

Assessment Linkage

If you want this follow-up to be matched to a previously completed core questionnaire, use the same system label, contact email, or assessment reference ID. You may use generic identifiers if confidentiality is a concern.

To connect this follow-up to a core questionnaire, use the same system label, email, or assessment reference ID across forms. You may use generic identifiers if confidentiality is a concern.

Robotics / Physical AI / Autonomous Systems

Robotics / Physical AI / Autonomous Systems Questions

These questions evaluate higher-consequence robotics risks involving physical harm, fleet-level failure, authenticated override, hostile cyber compromise, remote takeover, embodied deception, vulnerable-user exposure, OTA capability escalation, weaponization, and cross-system cascades.

RA.1 What high-consequence robotics context applies to this system?

Select all that apply.

Multi-select

RA.2 Could failure, misuse, hijacking, or degraded operation create direct physical harm?

Single choice

RA.3 Has the system been independently tested under real-world stress, failure, or adversarial environmental conditions?

Examples include heat, cold, vibration, dust, water, electromagnetic interference, sensor spoofing, poor lighting, crowded environments, network loss, or mechanical fatigue.

Single choice

RA.4 Can fleet-wide defects, corrupted updates, shared model errors, or hardware faults cause synchronized unsafe behavior across multiple units?

Single choice

RA.5 Is there a certified fleet-wide rollback, recall, quarantine, or safe physical mode that can halt unsafe behavior across all affected units?

Single choice

RA.6 Are emergency stop, kill-switch, lockout, or override mechanisms physically independent from ordinary software control?

Single choice

RA.7 Are override mechanisms authenticated, tamper-resistant, and usable during degraded, adversarial, or emergency conditions?

Single choice

RA.8 Could remote access, OTA updates, exposed APIs, cloud commands, or compromised credentials alter physical behavior?

Single choice

RA.9 Are safety-critical robotics subsystems isolated from non-critical software, cloud services, user-facing interfaces, and external integrations?

Single choice

RA.10 Are physical capability limits such as force, torque, speed, reach, grip strength, acceleration, and load capacity hard-capped?

Single choice

RA.11 Can updates, configuration changes, or model upgrades increase physical capability limits after deployment?

Single choice

RA.12 Can the robot impersonate, imitate, or be mistaken for a trusted human role?

Examples include doctor, nurse, caregiver, teacher, parent, police officer, manager, security guard, technician, or institutional representative.

Single choice

RA.13 Are identity, role, and instruction authority clearly authenticated before the robot gives or relays instructions?

Single choice

RA.14 Can the robot give instructions that users may treat as authoritative?

Examples include medical, safety, operational, access-control, financial, caregiving, legal, educational, or emergency instructions.

Single choice

RA.15 Does the system interact with vulnerable users?

Select all that apply.

Multi-select

RA.16 If vulnerable users are involved, is continuous human responsibility clearly preserved?

Single choice

RA.17 Can the robot create emotional dependency, excessive trust, pseudo-attachment, or behavioral influence through physical presence, voice, gesture, proximity, or repeated interaction?

Single choice

RA.18 Are persuasive, intimate, coercive, manipulative, or authority-like interaction patterns restricted?

Single choice

RA.19 Can advanced AI integration increase deception, autonomy, planning, coordination, or adaptive behavior in the robot?

Single choice

RA.20 Is high-level AI planning isolated from direct mechanical actuation?

Single choice

RA.21 Can robots coordinate with other robots, vehicles, drones, industrial systems, smart buildings, or autonomous infrastructure in ways that could create cross-system cascades?

Single choice

RA.22 Are cross-domain interactions fail-closed if signals, commands, identities, or environmental assumptions become uncertain?

Single choice

RA.23 Could the robot or fleet be repurposed for coercive, law-enforcement, military, security, surveillance, or crowd-control functions?

Single choice

RA.24 Are there explicit prohibitions or hard controls preventing unauthorized weaponization, coercive use, or physical enforcement roles?

Single choice

RA.25 Have black-swan robotics scenarios been tabletop-tested?

Examples include mass firmware bug, corrupted OTA update, synchronized sensor failure, model-level reasoning defect, coordinated hijacking, actuator batch defect, environmental anomaly, or multi-system cascade.

Single choice

RA.26 Are robotics incidents independently investigated, logged, and reviewable in a way comparable to aviation, medical-device, or industrial-safety incident review?

Single choice

RA.27 Is there a documented robotics safety case showing why the system is safe for its intended operating environment?

Single choice

RA.28 Is the robot’s operating design domain clearly defined and enforced?

Examples include allowed locations, surfaces, lighting, weather, human proximity, object types, speed zones, task types, and restricted environments.

Single choice

RA.29 If the robot behaves unsafely near humans, is there a practical human escape, rescue, or manual recovery pathway?

Single choice

RA.30 Can the robot enter, unlock, access, or move through restricted physical areas?

Examples include homes, patient rooms, schools, factories, secure facilities, storage areas, laboratories, server rooms, utility rooms, vehicles, or private spaces.

Single choice

RA.31 Are objects, tools, materials, and equipment classified by physical risk before the robot can handle or use them?

Single choice

RA.32 Which high-consequence robotics areas remain unknown or not evaluated?

Select all that apply.

Multi-select

RA.33 Are there robotics, physical AI, or autonomous-system risks not captured above?

Open response

RA.34 Could external cyber compromise, hostile remote access, credential theft, API abuse, OTA compromise, cloud compromise, or command-channel manipulation cause unsafe physical behavior?

Examples include unauthorized movement, unsafe acceleration, route manipulation, collision risk, physical obstruction, harmful force, unsafe tool use, or coordinated fleet behavior.

Single choice

RA.35 Are robotics cyber-compromise scenarios tested against realistic physical consequences?

Examples include hacked vehicle behavior, drone takeover, warehouse fleet disruption, hospital robot misuse, unsafe industrial actuation, compromised remote operator controls, or coordinated multi-unit physical harm.

Single choice

RA.36 Should this assessment also include the Cybersecurity / Cyber Operations follow-up questionnaire?

Select “Yes” if cyber compromise, remote access, credential abuse, exposed APIs, OTA updates, cloud commands, telemetry manipulation, or adversarial control could materially affect the robot, vehicle, drone, machine, actuator, or robotic fleet.

Single choice

RA.37 — Human-Proximity Action Boundary

Can the system initiate movement, force, tool use, object handling, access, or navigation near humans before proximity, identity, vulnerability, consent, and escape-path conditions are verified?

Single choice

RA.38 — Physical Context Uncertainty Boundary

Does the system fail closed when object identity, human intent, terrain, restricted-area status, tool risk, environmental condition, or physical context is uncertain?

Single choice

Your completed follow-up will include the linkage fields above so this follow-up can be matched to the core questionnaire if you choose to share it for report generation.